
Clicking on links get redirected


19 replies to this topic

#1 TomV22


Posted 17 May 2013 - 03:58 PM

Seems whenever I click on a link it doesn't go to the site that it should.  This happens both on Firefox as well as Chrome browsers.

 

In addition, there are times when booting up the computer that it is very slow.   Can take like up to 15 minutes to boot up.  Sure this is an old computer, but it seems it is taking forever now.   Hasn't been that long in the past.   Also have seen chkdsk being run as well during the boot process.





#2 TomV22


Posted 19 May 2013 - 06:36 PM

Also, while in the Chrome and Firefox browsers, the URL addresses displayed look very suspicious (i.e. 2008.www.(web site).com)

 

Plus the computer doesn't close down properly...wheels spinning when shutting down at the Shutting Down screen.

 

Also should mention that the operating system is Windows Vista.

 

Thanks!



#3 boopme

  • Global Moderator

Posted 21 May 2013 - 04:24 PM

Hello and welcome. Appears you are infected, so let's run these and see how it is after.

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:

  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Please download TDSSKiller.
Launch it.
Click on "Change parameters" and select "TDLFS file system".
Click on "Scan".
Please post the LOG report (the log file should be in your C drive).

Do not change the default options on scan results.
EDIT>>> fixed link


Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.


>>>>

Now I'd like us to scan your machine with ESET OnlineScan

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

NOTE: Sometimes if ESET finds no infections it will not create a log.


Edited by boopme, 23 May 2013 - 08:07 PM.

How do I get help? Who is helping me? For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear.... Become a BleepingComputer fan: Facebook
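
A triage pass over the Result.txt that the MiniToolBox checkboxes above produce, as an added example that is not part of the original post and not MiniToolBox's own code: it flags the items most relevant to browser redirects (extra hosts-file mappings, a configured IE proxy, Winsock providers that are third-party or outside the system directories, and unexpected DNS resolvers). The banner and line layouts are assumed from the Result.txt posted further down this thread; the function names and the sample log are constructed.

```python
import ipaddress
import re

# Section banner, e.g. "========================= Hosts content: ========". Bare
# "=====" rules inside a section (route tables, event-log subheadings) do not match.
SECTION_RE = re.compile(r"^=+\s+([^=]+?):?\s+=+\s*$")
WINSOCK_RE = re.compile(
    r"^(?:x64-)?Catalog(?P<cat>\d+)\s+\d+\s+(?P<path>.+?)\s+\[\d+\]\s+\((?P<vendor>.*)\)$")
DNS_RE = re.compile(r"^\s*DNS Servers[ .]*:\s*(\S+)")
CONT_RE = re.compile(r"^\s+([0-9A-Fa-f:.%]*[.:][0-9A-Fa-f:.%]*)$")  # wrapped 2nd resolver
SYSTEM_DIRS = ("c:\\windows\\system32\\", "c:\\windows\\syswow64\\")


def split_sections(text):
    """Map lower-cased section title -> list of lines under that banner."""
    sections, current = {}, None
    for line in text.splitlines():
        m = SECTION_RE.match(line.strip())
        if m:
            current = m.group(1).strip().lower()
            sections[current] = []
        elif current is not None:
            sections[current].append(line.rstrip())
    return sections


def check_hosts(lines):
    """Flag hosts entries that map anything other than 'localhost'."""
    findings = []
    for line in lines:
        entry = line.split("#", 1)[0].split()
        if len(entry) < 2:
            continue
        try:
            ipaddress.ip_address(entry[0])
        except ValueError:
            continue  # not a hosts mapping line
        extra = [n for n in entry[1:] if n.lower() != "localhost"]
        if extra:
            findings.append(f"hosts: {entry[0]} -> {', '.join(extra)}")
    return findings


def check_proxy(lines):
    """Flag a configured IE proxy; ':0' is treated as 'none' (assumption from the log)."""
    servers = re.findall(r"^\s*ProxyServer:\s*(\S+)", "\n".join(lines), re.M)
    return [f"proxy: {s}" for s in servers if s != ":0"]


def check_winsock(lines):
    """Flag providers that are not Microsoft-labelled or live outside system dirs."""
    findings = []
    for line in lines:
        m = WINSOCK_RE.match(line.strip())
        if not m:
            continue
        path, vendor = m["path"], m["vendor"]
        if vendor != "Microsoft Corporation" or not path.lower().startswith(SYSTEM_DIRS):
            item = f"winsock: Catalog{m['cat']} {path} ({vendor})"
            if item not in findings:
                findings.append(item)
    return findings


def dns_servers(lines):
    """Collect resolvers from ipconfig output, including wrapped continuation lines."""
    servers, in_dns = [], False
    for line in lines:
        first, cont = DNS_RE.match(line), CONT_RE.match(line)
        if first:
            servers.append(first.group(1))
            in_dns = True
        elif in_dns and cont:
            servers.append(cont.group(1))
        else:
            in_dns = False
    return servers


def triage(text, expected_dns=()):
    """Return review items; a third-party provider is a lead to check, not a verdict."""
    s = split_sections(text)
    findings = check_hosts(s.get("hosts content", []))
    findings += check_proxy(s.get("ie proxy settings", []))
    findings += check_winsock(s.get("winsock entries", []))
    for ip in dns_servers(s.get("ip configuration", [])):
        if expected_dns and ip not in expected_dns:
            findings.append(f"dns: unexpected resolver {ip}")
    return findings


# Constructed sample in the Result.txt layout; addresses are documentation ranges.
SAMPLE = r"""
========================= IE Proxy Settings: ==============================

ProxyServer: 127.0.0.1:8080

========================= Hosts content: =================================

127.0.0.1       localhost
203.0.113.10    www.example.com   # constructed entry

========================= IP Configuration: ================================

   DNS Servers . . . . . . . . . . . : 75.75.75.75
                                       198.51.100.53
   NetBIOS over Tcpip. . . . . . . . : Enabled
Addresses:  74.125.225.201
 74.125.225.198
===========================================================================
========================= Winsock entries =====================================

Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Catalog9 02 C:\Users\Public\lsp.dll [4096] (Microsoft Corporation)
"""

if __name__ == "__main__":
    for finding in triage(SAMPLE, expected_dns=("75.75.75.75", "75.75.76.76")):
        print(finding)
```

Pass the resolvers you expect from your ISP or router as `expected_dns`; with none given, the DNS check is skipped.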

#4 Jimbob85


Posted 22 May 2013 - 10:19 AM

TomV22,

 

Along with what boopme has posted please run a hard drive test as well and let us know what it shows.

 

Please follow the following instructions very carefully and if needed please print them!

 


Please read and reread this in detail before you start, if you have any questions please ask!!

Please click the DOWNLOAD link on this Page, under the pic of a HDD
Save it to and unzip it to your desktop
Open the app and select your drive under "Drive#"
Click the little drive above the top information box
Pick "Extended Test" and then start
This test will take a while with larger drives
NOTE:  DO NOT select Write Zeros in the last box or you WILL lose all of your data!!  Please be careful and double check what you pick!!!!
 

Please let boopme know what this shows, pass or fail, on your hard drive along with his requested logs.  Thanks Jimbob85.



#5 TomV22


Posted 23 May 2013 - 01:50 PM

Also seems one other item (will be running the items above and posting).

 

Seems one of the accounts (my wife's) can NEVER log off now. No matter how long you wait, it never logs off. Also if you happen to switch users, then the user account you switch to shows the dreaded black screen with a mouse pointer.

Lastly, I have an HP all-in-one printer and have tried all the various resources on HP (they s*ck at customer service) on the HP Solution message of "No HP devices have been detected.  HP Solution Center will close now". Have removed and re-installed numerous times to no effect.

 

Hopefully we can correct those 2 items above as well.

 

Thanks!

Thomas



#6 Jimbob85


Posted 23 May 2013 - 01:54 PM

We will see what we can do for you.  Please post the results of the above scans/tests.



#7 TomV22


Posted 23 May 2013 - 02:14 PM

Minitoolbox results :

 

MiniToolBox by Farbar  Version:21-04-2013
Ran by Tom (administrator) on 23-05-2013 at 12:51:23
Running from "C:\Users\Tom\Desktop\Downloads"
Windows Vista ™ Home Premium Service Pack 2 (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
ProxyServer: :0
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
 
127.0.0.1       localhost
 
========================= IP Configuration: ================================
 
Intel® 82562V-2 10/100 Network Connection = Local Area Connection (Connected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Ownerr
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : hsd1.co.comcast.net.
 
Ethernet adapter Local Area Connection:
 
   Connection-specific DNS Suffix  . : hsd1.co.comcast.net.
   Description . . . . . . . . . . . : Intel® 82562V-2 10/100 Network Connection
   Physical Address. . . . . . . . . : 00-21-9B-1E-1A-97
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::b156:2ba9:d226:afda%11(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.0.100(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Thursday, May 23, 2013 12:37:30 PM
   Lease Expires . . . . . . . . . . : Thursday, May 30, 2013 12:37:30 PM
   Default Gateway . . . . . . . . . : 192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DHCPv6 IAID . . . . . . . . . . . : 251666843
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-10-F8-D9-C7-00-21-9B-1E-1A-97
   DNS Servers . . . . . . . . . . . : 75.75.75.75
                                       75.75.76.76
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Tunnel adapter Local Area Connection* 7:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 02-00-54-55-4E-01
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 15:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : 6TO4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 16:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : 6TO4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 17:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : 6TO4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 18:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : 6TO4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 20:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : 6TO4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 21:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : 6TO4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 25:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : hsd1.co.comcast.net.
   Description . . . . . . . . . . . : isatap.hsd1.co.comcast.net.
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  cdns01.comcast.net
Address:  75.75.75.75
 
Name:    google.com
Addresses:  2607:f8b0:400f:801::1000
 74.125.225.201
 74.125.225.198
 74.125.225.199
 74.125.225.193
 74.125.225.194
 74.125.225.195
 74.125.225.200
 74.125.225.196
 74.125.225.197
 74.125.225.192
 74.125.225.206
 
 
 
Pinging google.com [74.125.225.197] with 32 bytes of data:
 
Reply from 74.125.225.197: bytes=32 time=13ms TTL=55
 
Reply from 74.125.225.197: bytes=32 time=14ms TTL=55
 
 
 
Ping statistics for 74.125.225.197:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 13ms, Maximum = 14ms, Average = 13ms
 
Server:  cdns01.comcast.net
Address:  75.75.75.75
 
DNS request timed out.
    timeout was 2 seconds.
Name:    yahoo.com
Addresses:  98.138.253.109
 206.190.36.45
 98.139.183.24
 
 
 
Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
 
Reply from 206.190.36.45: bytes=32 time=110ms TTL=49
 
Reply from 206.190.36.45: bytes=32 time=124ms TTL=49
 
 
 
Ping statistics for 206.190.36.45:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 110ms, Maximum = 124ms, Average = 117ms
 
 
 
Pinging 127.0.0.1 with 32 bytes of data:
 
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
 
 
Ping statistics for 127.0.0.1:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
 
===========================================================================
Interface List
 11 ...00 21 9b 1e 1a 97 ...... Intel® 82562V-2 10/100 Network Connection
  1 ........................... Software Loopback Interface 1
 10 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
 16 ...00 00 00 00 00 00 00 e0  6TO4 Adapter
 17 ...00 00 00 00 00 00 00 e0  6TO4 Adapter
 18 ...00 00 00 00 00 00 00 e0  6TO4 Adapter
 19 ...00 00 00 00 00 00 00 e0  6TO4 Adapter
 21 ...00 00 00 00 00 00 00 e0  6TO4 Adapter
 22 ...00 00 00 00 00 00 00 e0  6TO4 Adapter
 27 ...00 00 00 00 00 00 00 e0  isatap.hsd1.co.comcast.net.
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1    192.168.0.100     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.0.0    255.255.255.0         On-link     192.168.0.100    276
    192.168.0.100  255.255.255.255         On-link     192.168.0.100    276
    192.168.0.255  255.255.255.255         On-link     192.168.0.100    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.0.100    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.0.100    276
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 11    276 fe80::/64                On-link
 11    276 fe80::b156:2ba9:d226:afda/128
                                    On-link
  1    306 ff00::/8                 On-link
 11    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [61440] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [62976] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [78848] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [78848] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [27648] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\wpclsp.dll [102912] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\wpclsp.dll [102912] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\wpclsp.dll [102912] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\wpclsp.dll [102912] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\wpclsp.dll [102912] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\wpclsp.dll [102912] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\wpclsp.dll [102912] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\wpclsp.dll [102912] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 12 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 13 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 14 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 15 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 16 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 17 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 18 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 19 C:\Windows\System32\wpclsp.dll [102912] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (05/23/2013 00:50:41 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.
 
Error: (05/23/2013 00:39:00 PM) (Source: IDVault) (User: )
Description: IsIDVaultRunning failed Only part of a ReadProcessMemory or WriteProcessMemory request was completed   at System.Diagnostics.NtProcessManager.GetModuleInfos(Int32 processId, Boolean firstModuleOnly)
   at System.Diagnostics.NtProcessManager.GetFirstModuleInfo(Int32 processId)
   at System.Diagnostics.Process.get_MainModule()
   at .?.?()
 
Error: (05/23/2013 00:38:36 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/23/2013 00:38:21 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Dependent Assembly rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (05/23/2013 00:38:20 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Dependent Assembly rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (05/23/2013 00:08:04 PM) (Source: Application Error) (User: )
Description: Faulting application RealPlay.exe, version 16.0.1.18, time stamp 0x51379c37, faulting module ntdll.dll, version 6.0.6002.18541, time stamp 0x4ec3e39f, exception code 0xc0000022, fault offset 0x0006f52f,
process id 0x19e8, application start time 0xRealPlay.exe0.
 
Error: (05/23/2013 00:07:04 PM) (Source: Application Error) (User: )
Description: Faulting application RealPlay.exe, version 16.0.1.18, time stamp 0x51379c37, faulting module ntdll.dll, version 6.0.6002.18541, time stamp 0x4ec3e39f, exception code 0xc0000022, fault offset 0x0006f52f,
process id 0x1f94, application start time 0xRealPlay.exe0.
 
Error: (05/23/2013 00:06:04 PM) (Source: Application Error) (User: )
Description: Faulting application RealPlay.exe, version 16.0.1.18, time stamp 0x51379c37, faulting module ntdll.dll, version 6.0.6002.18541, time stamp 0x4ec3e39f, exception code 0xc0000022, fault offset 0x0006f52f,
process id 0x1aa8, application start time 0xRealPlay.exe0.
 
Error: (05/23/2013 00:05:04 PM) (Source: Application Error) (User: )
Description: Faulting application RealPlay.exe, version 16.0.1.18, time stamp 0x51379c37, faulting module ntdll.dll, version 6.0.6002.18541, time stamp 0x4ec3e39f, exception code 0xc0000022, fault offset 0x0006f52f,
process id 0x16d0, application start time 0xRealPlay.exe0.
 
Error: (05/23/2013 00:04:04 PM) (Source: Application Error) (User: )
Description: Faulting application RealPlay.exe, version 16.0.1.18, time stamp 0x51379c37, faulting module ntdll.dll, version 6.0.6002.18541, time stamp 0x4ec3e39f, exception code 0xc0000022, fault offset 0x0006f52f,
process id 0x1c50, application start time 0xRealPlay.exe0.
 
 
System errors:
=============
Error: (05/23/2013 00:40:10 PM) (Source: Service Control Manager) (User: )
Description: Beep
 
Error: (05/23/2013 00:38:36 PM) (Source: Service Control Manager) (User: )
Description: 30000Roxio Hard Drive Watcher 9
 
Error: (05/23/2013 00:37:25 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 12:34:48 PM on 5/23/2013 was unexpected.
 
Error: (05/23/2013 00:29:49 PM) (Source: DCOM) (User: )
Description: {078AEF33-C48A-49F7-AFF3-A0EE810BFE7C}
 
Error: (05/23/2013 00:29:19 PM) (Source: DCOM) (User: )
Description: {C2BFE331-6739-4270-86C9-493D9A04CD38}
 
Error: (05/22/2013 11:08:21 PM) (Source: Service Control Manager) (User: )
Description: 30000stisvc
 
Error: (05/22/2013 00:29:12 PM) (Source: Service Control Manager) (User: )
Description: Beep
 
Error: (05/22/2013 00:27:21 PM) (Source: Service Control Manager) (User: )
Description: 30000Roxio Hard Drive Watcher 9
 
Error: (05/22/2013 10:35:49 AM) (Source: Service Control Manager) (User: )
Description: Beep
 
Error: (05/22/2013 10:33:48 AM) (Source: Service Control Manager) (User: )
Description: 30000Roxio Hard Drive Watcher 9
 
 
Microsoft Office Sessions:
=========================
Error: (05/23/2013 00:50:41 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifestC:\Users\Tom\Desktop\Downloads\esetsmartinstaller_enu.exe
 
Error: (05/23/2013 00:39:00 PM) (Source: IDVault)(User: )
Description: IsIDVaultRunning failed Only part of a ReadProcessMemory or WriteProcessMemory request was completed   at System.Diagnostics.NtProcessManager.GetModuleInfos(Int32 processId, Boolean firstModuleOnly)
   at System.Diagnostics.NtProcessManager.GetFirstModuleInfo(Int32 processId)
   at System.Diagnostics.Process.get_MainModule()
   at .?.?()
 
Error: (05/23/2013 00:38:36 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/23/2013 00:38:21 PM) (Source: SideBySide)(User: )
Description: rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"C:\Windows\Installer\{EA1FAE0F-2354-4E32-B423-ABAE8E358F91}\recordingmanager.exe
 
Error: (05/23/2013 00:38:20 PM) (Source: SideBySide)(User: )
Description: rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"C:\Windows\Installer\{EA1FAE0F-2354-4E32-B423-ABAE8E358F91}\recordingmanager.exe
 
Error: (05/23/2013 00:08:04 PM) (Source: Application Error)(User: )
Description: RealPlay.exe16.0.1.1851379c37ntdll.dll6.0.6002.185414ec3e39fc00000220006f52f19e801ce57e0781bb680
 
Error: (05/23/2013 00:07:04 PM) (Source: Application Error)(User: )
Description: RealPlay.exe16.0.1.1851379c37ntdll.dll6.0.6002.185414ec3e39fc00000220006f52f1f9401ce57e054578620
 
Error: (05/23/2013 00:06:04 PM) (Source: Application Error)(User: )
Description: RealPlay.exe16.0.1.1851379c37ntdll.dll6.0.6002.185414ec3e39fc00000220006f52f1aa801ce57e030921d40
 
Error: (05/23/2013 00:05:04 PM) (Source: Application Error)(User: )
Description: RealPlay.exe16.0.1.1851379c37ntdll.dll6.0.6002.185414ec3e39fc00000220006f52f16d001ce57e00ceee260
 
Error: (05/23/2013 00:04:04 PM) (Source: Application Error)(User: )
Description: RealPlay.exe16.0.1.1851379c37ntdll.dll6.0.6002.185414ec3e39fc00000220006f52f1c5001ce57dfe9092040
 
 
CodeIntegrity Errors:
===================================
  Date: 2013-04-24 10:31:57.906
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\SYMEVENT64x86.SYS because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-04-24 10:31:57.701
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\SYMEVENT64x86.SYS because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-04-24 10:31:57.503
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\SYMEVENT64x86.SYS because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-04-24 10:31:57.275
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\SYMEVENT64x86.SYS because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-04-24 10:31:42.361
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130412.001\BHDrvx86.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-04-24 10:31:42.143
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130412.001\BHDrvx86.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-04-24 10:31:41.948
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130412.001\BHDrvx86.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-04-24 10:31:41.746
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130412.001\BHDrvx86.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-04-24 10:31:41.349
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130412.001\BHDrvx64.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-04-24 10:31:41.153
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130412.001\BHDrvx64.sys because the set of per-page image hashes could not be found on the system.
 
 
=========================== Installed Programs ============================
 
64 Bit HP CIO Components Installer (Version: 7.2.8)
AIO_CDB_ToolboxIni64 (Version: 82.0.242.000)
Akamai NetSession Interface
AMD APP SDK Runtime (Version: 10.0.1084.4)
AMD Catalyst Install Manager (Version: 8.0.903.0)
Apple Mobile Device Support (Version: 6.1.0.13)
Bonjour (Version: 3.0.0.10)
ccc-utility64 (Version: 2012.1219.1521.27485)
Conexant D850 PCI V.92 Modem (Version: 7.74.00)
Dell Dock (Version: 1.0.0)
DownloadTerms (Version: 1.0)
HP Customer Participation Program 8.0 (Version: 8.0)
HP Imaging Device Functions 8.0 (Version: 8.0)
HP OCR Software 8.0 (Version: 8.0)
HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B (Version: 8.0)
HP Solution Center 8.0 (Version: 8.0)
Intel® Graphics Media Accelerator Driver
iTunes (Version: 11.0.3.42)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Modem Diagnostic Tool (Version: 1.0.24.0)
OCTGN (Version: 0.10.0.0)
VD64Inst (Version: 1.00.0000)
WebEx
Windows Driver Package - FTDI CDM Driver Package (02/17/2009 2.04.16) (Version: 02/17/2009 2.04.16)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 36%
Total physical RAM: 6141.27 MB
Available physical RAM: 3884.31 MB
Total Pagefile: 12395.56 MB
Available Pagefile: 9510.2 MB
Total Virtual: 4095.88 MB
Available Virtual: 3957.27 MB
 
========================= Partitions: =====================================
 
1 Drive c: (OS) (Fixed) (Total:683.95 GB) (Free:237.45 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:14.65 GB) (Free:8.16 GB) NTFS
3 Drive e: (GRE_217_Americas) (CDROM) (Total:0.48 GB) (Free:0 GB) CDFS
 
========================= Users: ========================================
 
User accounts for \\OWNERR
 
Administrator            ASPNET                   Guest                    
Krystin                  NewKrystin               owner                    
Tom                      
 
 
**** End of log ****


#8 TomV22


Posted 23 May 2013 - 02:15 PM

Unable to find the TDSSkiller app. Link is broken... going to next item.



#9 Jimbob85


Posted 23 May 2013 - 02:17 PM

I will provide a new link for TDSS. Please download TDSSKiller.

 

boopme will advise you on the logs.



#10 TomV22


Posted 23 May 2013 - 02:33 PM

Ran AdwCleaner (log below).

 

Saw 2 items of note:

1) Something tried to change my home page setting. Norton got an alert on that as well as 1 other alert. Normal?

   a) Got another Norton alert on knrr5-dx.dll (suspicious.cloud.9). Part of cleaner?!?

2) After reboot, in the DOS window, there were various items I gather Adware Cleaner tried to delete without success. Lots of "access denied" messages (and was still trying, even after the log file appeared).

 

Log file:

# AdwCleaner v2.301 - Logfile created 05/23/2013 at 13:17:45
# Updated 16/05/2013 by Xplode
# Operating system : Windows ™ Vista Home Premium Service Pack 2 (64 bits)
# User : Tom - OWNERR
# Boot Mode : Normal
# Running from : C:\Users\Tom\Desktop\Downloads\AdwCleaner (1).exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Deleted on reboot : C:\ProgramData\APN
Deleted on reboot : C:\Users\Krystin\AppData\Local\Babylon
Deleted on reboot : C:\Users\Krystin\AppData\LocalLow\AskToolbar
Deleted on reboot : C:\Users\Krystin\AppData\LocalLow\Conduit
Deleted on reboot : C:\Users\Krystin\AppData\LocalLow\SweetIM
Deleted on reboot : C:\Users\Krystin\AppData\LocalLow\xfin_portal
Deleted on reboot : C:\Users\Krystin\AppData\Roaming\Babylon
Deleted on reboot : C:\Users\NewKrystin\AppData\LocalLow\AskToolbar
Deleted on reboot : C:\Users\NewKrystin\AppData\LocalLow\SweetIM
Deleted on reboot : C:\Users\owner\AppData\Local\AskToolbar
Deleted on reboot : C:\Users\owner\AppData\LocalLow\AskToolbar
Deleted on reboot : C:\Users\owner\AppData\LocalLow\Conduit
Deleted on reboot : C:\Users\Test\AppData\Local\Babylon
Deleted on reboot : C:\Users\Test\AppData\LocalLow\AskToolbar
Deleted on reboot : C:\Users\Test\AppData\LocalLow\Conduit
Deleted on reboot : C:\Users\Test\AppData\LocalLow\xfin_portal
Deleted on reboot : C:\Users\Test\AppData\Roaming\Babylon
File Deleted : C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\4zva8812.test\searchplugins\safesearch.xml

***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.19418

[OK] Registry is clean.

-\\ Mozilla Firefox v20.0.1 (en-US)

File : C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\hpefdh0c.default\prefs.js

Deleted : user_pref("extensions.crossriderapp26766.26766.InstallationTime", 1367773713);
Deleted : user_pref("extensions.crossriderapp26766.26766.active", true);
Deleted : user_pref("extensions.crossriderapp26766.26766.addressbar", "");
Deleted : user_pref("extensions.crossriderapp26766.26766.addressbarenhanced", "");
Deleted : user_pref("extensions.crossriderapp26766.26766.backgroundjs", "\n\n//\n");
Deleted : user_pref("extensions.crossriderapp26766.26766.backgroundver", 10);
Deleted : user_pref("extensions.crossriderapp26766.26766.can_run_bg_code", true);
Deleted : user_pref("extensions.crossriderapp26766.26766.certdomaininstaller", "");
Deleted : user_pref("extensions.crossriderapp26766.26766.changeprevious", false);
Deleted : user_pref("extensions.crossriderapp26766.26766.cookie.InstallationTime.expiration", "Fri Feb 01 2030[...]
Deleted : user_pref("extensions.crossriderapp26766.26766.cookie.InstallationTime.value", "1367773713");
Deleted : user_pref("extensions.crossriderapp26766.26766.cookie._GPL_aoi.expiration", "Fri Feb 01 2030 00:00:0[...]
Deleted : user_pref("extensions.crossriderapp26766.26766.cookie._GPL_aoi.value", "1367773713");
Deleted : user_pref("extensions.crossriderapp26766.26766.cookie._GPL_arbitrary_code.expiration", "Thu May 23 2[...]
Deleted : user_pref("extensions.crossriderapp26766.26766.cookie._GPL_arbitrary_code.value", "%22var%20start_ti[...]
Deleted : user_pref("extensions.crossriderapp26766.26766.cookie._GPL_blocklist.expiration", "Thu May 23 2013 1[...]
Deleted : user_pref("extensions.crossriderapp26766.26766.cookie._GPL_blocklist.value", "%22nonexistantdomain.c[...]
Deleted : user_pref("extensions.crossriderapp26766.26766.cookie._GPL_country_code.expiration", "Sat May 25 201[...]
Deleted : user_pref("extensions.crossriderapp26766.26766.cookie._GPL_country_code.value", "%22US%22");
Deleted : user_pref("extensions.crossriderapp26766.26766.cookie._GPL_crr.expiration", "Fri Feb 01 2030 00:00:0[...]
Deleted : user_pref("extensions.crossriderapp26766.26766.cookie._GPL_crr.value", "1369322746");
Deleted : user_pref("extensions.crossriderapp26766.26766.cookie._GPL_currenttime.expiration", "Fri Feb 01 2030[...]
Deleted : user_pref("extensions.crossriderapp26766.26766.cookie._GPL_currenttime.value", "%221368543681%22");
Deleted : user_pref("extensions.crossriderapp26766.26766.cookie._GPL_hotfix20111102645.expiration", "Fri Feb 0[...]
Deleted : user_pref("extensions.crossriderapp26766.26766.cookie._GPL_hotfix20111102645.value", "%221%22");
Deleted : user_pref("extensions.crossriderapp26766.26766.cookie._GPL_ib_delay.expiration", "Fri Feb 01 2030 00[...]
Deleted : user_pref("extensions.crossriderapp26766.26766.cookie._GPL_ib_delay.value", "24");
Deleted : user_pref("extensions.crossriderapp26766.26766.cookie._GPL_ib_disclosure.expiration", "Fri Feb 01 20[...]
Deleted : user_pref("extensions.crossriderapp26766.26766.cookie._GPL_ib_disclosure.value", "1368933547");
Deleted : user_pref("extensions.crossriderapp26766.26766.cookie._GPL_ib_list.expiration", "Thu May 23 2013 15:[...]
Deleted : user_pref("extensions.crossriderapp26766.26766.cookie._GPL_ib_list.value", "%7B%225a0a78b4cf7a0f072d[...]
Deleted : user_pref("extensions.crossriderapp26766.26766.cookie._GPL_installer_params.expiration", "Fri Feb 01[...]
Deleted : user_pref("extensions.crossriderapp26766.26766.cookie._GPL_installer_params.value", "%7B%22source_id[...]
Deleted : user_pref("extensions.crossriderapp26766.26766.cookie._GPL_installtime.expiration", "Fri Feb 01 2030[...]
Deleted : user_pref("extensions.crossriderapp26766.26766.cookie._GPL_installtime.value", "%221367526604%22");
Deleted : user_pref("extensions.crossriderapp26766.26766.cookie._GPL_parent_zoneid.expiration", "Fri Feb 01 20[...]
Deleted : user_pref("extensions.crossriderapp26766.26766.cookie._GPL_parent_zoneid.value", "%2214019%22");
Deleted : user_pref("extensions.crossriderapp26766.26766.cookie._GPL_pc_20120828.expiration", "Fri Feb 01 2030[...]
Deleted : user_pref("extensions.crossriderapp26766.26766.cookie._GPL_pc_20120828.value", "1367773743203");
Deleted : user_pref("extensions.crossriderapp26766.26766.cookie._GPL_product_id.expiration", "Fri Feb 01 2030 [...]
Deleted : user_pref("extensions.crossriderapp26766.26766.cookie._GPL_product_id.value", "%221350%22");
Deleted : user_pref("extensions.crossriderapp26766.26766.cookie._GPL_zoneid.expiration", "Fri Feb 01 2030 00:0[...]
Deleted : user_pref("extensions.crossriderapp26766.26766.cookie._GPL_zoneid.value", "%22182801%22");
Deleted : user_pref("extensions.crossriderapp26766.26766.cookie.dbtest.expiration", "Fri Feb 01 2030 00:00:00 [...]
Deleted : user_pref("extensions.crossriderapp26766.26766.cookie.dbtest.value", "1367773732149");
Deleted : user_pref("extensions.crossriderapp26766.26766.description", "Discount Buddy");
Deleted : user_pref("extensions.crossriderapp26766.26766.domain", "");
Deleted : user_pref("extensions.crossriderapp26766.26766.enablesearch", false);
Deleted : user_pref("extensions.crossriderapp26766.26766.homepage", "");
Deleted : user_pref("extensions.crossriderapp26766.26766.iframe", false);
Deleted : user_pref("extensions.crossriderapp26766.26766.internaldb.Resources_appVer.expiration", "Fri Feb 01 [...]
Deleted : user_pref("extensions.crossriderapp26766.26766.internaldb.Resources_appVer.value", "13");
Deleted : user_pref("extensions.crossriderapp26766.26766.internaldb.Resources_lastVersion.expiration", "Fri Fe[...]
Deleted : user_pref("extensions.crossriderapp26766.26766.internaldb.Resources_lastVersion.value", "1");
Deleted : user_pref("extensions.crossriderapp26766.26766.internaldb.Resources_meta.expiration", "Fri Feb 01 20[...]
Deleted : user_pref("extensions.crossriderapp26766.26766.internaldb.Resources_meta.value", "%7B%7D");
Deleted : user_pref("extensions.crossriderapp26766.26766.internaldb.Resources_nextCheck.expiration", "Thu May [...]
Deleted : user_pref("extensions.crossriderapp26766.26766.internaldb.Resources_nextCheck.value", "true");
Deleted : user_pref("extensions.crossriderapp26766.26766.internaldb.Resources_queue.expiration", "Fri Feb 01 2[...]
Deleted : user_pref("extensions.crossriderapp26766.26766.internaldb.Resources_queue.value", "%7B%7D");
Deleted : user_pref("extensions.crossriderapp26766.26766.internaldb.Resources_remote_resources.expiration", "F[...]
Deleted : user_pref("extensions.crossriderapp26766.26766.internaldb.Resources_remote_resources.value", "%7B%22[...]
Deleted : user_pref("extensions.crossriderapp26766.26766.js", "\n\nif(\"undefined\"!=typeof _GPL_PLUGIN){var _[...]
Deleted : user_pref("extensions.crossriderapp26766.26766.manifesturl", "");
Deleted : user_pref("extensions.crossriderapp26766.26766.name", "Discount Buddy");
Deleted : user_pref("extensions.crossriderapp26766.26766.newtab", "");
Deleted : user_pref("extensions.crossriderapp26766.26766.opensearch", "");
Deleted : user_pref("extensions.crossriderapp26766.26766.plugins.plugin_1.code", "appAPI._cr_config={appID:fun[...]
Deleted : user_pref("extensions.crossriderapp26766.26766.plugins.plugin_1.name", "base");
Deleted : user_pref("extensions.crossriderapp26766.26766.plugins.plugin_1.ver", 6);
Deleted : user_pref("extensions.crossriderapp26766.26766.plugins.plugin_1000014.code", "Array.prototype.indexO[...]
Deleted : user_pref("extensions.crossriderapp26766.26766.plugins.plugin_1000014.name", "GPL Plugin (Loader)");
Deleted : user_pref("extensions.crossriderapp26766.26766.plugins.plugin_1000014.ver", 15);
Deleted : user_pref("extensions.crossriderapp26766.26766.plugins.plugin_1000015.code", "var a=appAPI.db.getLis[...]
Deleted : user_pref("extensions.crossriderapp26766.26766.plugins.plugin_1000015.name", "GPL Background (BG)");
Deleted : user_pref("extensions.crossriderapp26766.26766.plugins.plugin_1000015.ver", 38);
Deleted : user_pref("extensions.crossriderapp26766.26766.plugins.plugin_13.code", "(function(a){a.selectedText[...]
Deleted : user_pref("extensions.crossriderapp26766.26766.plugins.plugin_13.name", "CrossriderAppUtils");
Deleted : user_pref("extensions.crossriderapp26766.26766.plugins.plugin_13.ver", 3);
Deleted : user_pref("extensions.crossriderapp26766.26766.plugins.plugin_14.code", "if(typeof(appAPI)===\"undef[...]
Deleted : user_pref("extensions.crossriderapp26766.26766.plugins.plugin_14.name", "CrossriderUtils");
Deleted : user_pref("extensions.crossriderapp26766.26766.plugins.plugin_14.ver", 3);
Deleted : user_pref("extensions.crossriderapp26766.26766.plugins.plugin_16.code", "if((typeof isBackground===\[...]
Deleted : user_pref("extensions.crossriderapp26766.26766.plugins.plugin_16.name", "FFAppAPIWrapper");
Deleted : user_pref("extensions.crossriderapp26766.26766.plugins.plugin_16.ver", 7);
Deleted : user_pref("extensions.crossriderapp26766.26766.plugins.plugin_17.code", "if(typeof window!==\"undefi[...]
Deleted : user_pref("extensions.crossriderapp26766.26766.plugins.plugin_17.name", "jQuery");
Deleted : user_pref("extensions.crossriderapp26766.26766.plugins.plugin_17.ver", 4);
Deleted : user_pref("extensions.crossriderapp26766.26766.plugins.plugin_21.code", "var CrossriderDebugManager=[...]
Deleted : user_pref("extensions.crossriderapp26766.26766.plugins.plugin_21.name", "debug");
Deleted : user_pref("extensions.crossriderapp26766.26766.plugins.plugin_21.ver", 4);
Deleted : user_pref("extensions.crossriderapp26766.26766.plugins.plugin_22.code", "(function(a){appAPI.queueMa[...]
Deleted : user_pref("extensions.crossriderapp26766.26766.plugins.plugin_22.name", "resources");
Deleted : user_pref("extensions.crossriderapp26766.26766.plugins.plugin_22.ver", 4);
Deleted : user_pref("extensions.crossriderapp26766.26766.plugins.plugin_28.code", "var CrossriderInitializerPl[...]
Deleted : user_pref("extensions.crossriderapp26766.26766.plugins.plugin_28.name", "initializer");
Deleted : user_pref("extensions.crossriderapp26766.26766.plugins.plugin_28.ver", 3);
Deleted : user_pref("extensions.crossriderapp26766.26766.plugins.plugin_4.code", "var jQuery = $jquery_171 = $[...]
Deleted : user_pref("extensions.crossriderapp26766.26766.plugins.plugin_4.name", "jquery_1_7_1");
Deleted : user_pref("extensions.crossriderapp26766.26766.plugins.plugin_4.ver", 4);
Deleted : user_pref("extensions.crossriderapp26766.26766.plugins.plugin_47.code", "(function(){appAPI.ready=fu[...]
Deleted : user_pref("extensions.crossriderapp26766.26766.plugins.plugin_47.name", "resources_background");
Deleted : user_pref("extensions.crossriderapp26766.26766.plugins.plugin_47.ver", 3);
Deleted : user_pref("extensions.crossriderapp26766.26766.plugins.plugin_64.code", "(function(){var h=\"__CR_EM[...]
Deleted : user_pref("extensions.crossriderapp26766.26766.plugins.plugin_64.name", "appApiMessage");
Deleted : user_pref("extensions.crossriderapp26766.26766.plugins.plugin_64.ver", 2);
Deleted : user_pref("extensions.crossriderapp26766.26766.plugins.plugin_72.code", "if(appAPI.__should_activate[...]
Deleted : user_pref("extensions.crossriderapp26766.26766.plugins.plugin_72.name", "appApiValidation");
Deleted : user_pref("extensions.crossriderapp26766.26766.plugins.plugin_72.ver", 3);
Deleted : user_pref("extensions.crossriderapp26766.26766.plugins.plugin_78.code", "if(typeof jQuery!==\"undefi[...]
Deleted : user_pref("extensions.crossriderapp26766.26766.plugins.plugin_78.name", "CrossriderInfo");
Deleted : user_pref("extensions.crossriderapp26766.26766.plugins.plugin_78.ver", 3);
Deleted : user_pref("extensions.crossriderapp26766.26766.plugins.plugin_98.code", "(function(){var b=\"cr_\"+a[...]
Deleted : user_pref("extensions.crossriderapp26766.26766.plugins.plugin_98.name", "omniCommands");
Deleted : user_pref("extensions.crossriderapp26766.26766.plugins.plugin_98.ver", 2);
Deleted : user_pref("extensions.crossriderapp26766.26766.plugins_lists.plugins_0", "4,14,78,16,64,47,72,98,100[...]
Deleted : user_pref("extensions.crossriderapp26766.26766.plugins_lists.plugins_1", "17,14,78,13,16,64,4,1,21,2[...]
Deleted : user_pref("extensions.crossriderapp26766.26766.plugins_lists.plugins_5", "4,14,78,13,16,64,47,72");
Deleted : user_pref("extensions.crossriderapp26766.26766.pluginsurl", "hxxps://w9u6a2p6.ssl.hwcdn.net/plugin/a[...]
Deleted : user_pref("extensions.crossriderapp26766.26766.pluginsversion", 11);
Deleted : user_pref("extensions.crossriderapp26766.26766.publisher", "Innovative Apps");
Deleted : user_pref("extensions.crossriderapp26766.26766.searchstatus", 0);
Deleted : user_pref("extensions.crossriderapp26766.26766.setnewtab", false);
Deleted : user_pref("extensions.crossriderapp26766.26766.thankyou", "");
Deleted : user_pref("extensions.crossriderapp26766.26766.updateinterval", 360);
Deleted : user_pref("extensions.crossriderapp26766.26766.ver", 13);
Deleted : user_pref("extensions.crossriderapp26766.apps", "26766");
Deleted : user_pref("extensions.crossriderapp26766.bic", "13dbd5df28b3618827016f320fb763f5");
Deleted : user_pref("extensions.crossriderapp26766.cid", 26766);
Deleted : user_pref("extensions.crossriderapp26766.firstrun", false);
Deleted : user_pref("extensions.crossriderapp26766.hadappinstalled", true);
Deleted : user_pref("extensions.crossriderapp26766.installationdate", 1367773712);
Deleted : user_pref("extensions.crossriderapp26766.lastcheck", 22822046);
Deleted : user_pref("extensions.crossriderapp26766.lastcheckitem", 22822223);
Deleted : user_pref("extensions.crossriderapp26766.modetype", "production");
Deleted : user_pref("extensions.crossriderapp26766.reportInstall", true);
Deleted : user_pref("extensions.crossriderapp26766.statsDailyCounter", 8);

File : C:\Users\Krystin\AppData\Roaming\Mozilla\Firefox\Profiles\3gc28118.default\prefs.js

[OK] File is clean.

File : C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\4zva8812.test\prefs.js

[OK] File is clean.

File : C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\kx43be6t.default\prefs.js

[OK] File is clean.

File : C:\Users\Test\AppData\Roaming\Mozilla\Firefox\Profiles\3gc28118.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v27.0.1453.93

File : C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.605] : search_url = "hxxp://start.sweetpacks.com/?src=6&q={searchTerms}&st=12&crg=3.5000006.10042&ba[...]
Deleted [l.2819] : homepage = "hxxp://start.sweetpacks.com/?src=10&st=12&crg=3.5000006.10042&barid={8D0C07B0-9706-1[...]

File : C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.36] : search_url = "hxxp://start.sweetpacks.com/?src=6&q={searchTerms}&st=12&crg=3.5000006.10042&ba[...]

*************************

AdwCleaner[R1].txt - [34830 octets] - [29/04/2013 11:54:37]
AdwCleaner[S1].txt - [33484 octets] - [29/04/2013 11:56:30]
AdwCleaner[S2].txt - [16907 octets] - [23/05/2013 13:17:45]

########## EOF - C:\AdwCleaner[S2].txt - [16968 octets] ##########
 



#11 TomV22


Posted 23 May 2013 - 02:39 PM

TDSSkiller log file:

 

13:36:54.0184 6852  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
13:36:55.0175 6852  ============================================================
13:36:55.0175 6852  Current date / time: 2013/05/23 13:36:55.0175
13:36:55.0175 6852  SystemInfo:
13:36:55.0175 6852  
13:36:55.0175 6852  OS Version: 6.0.6002 ServicePack: 2.0
13:36:55.0175 6852  Product type: Workstation
13:36:55.0175 6852  ComputerName: OWNERR
13:36:55.0176 6852  UserName: Tom
13:36:55.0176 6852  Windows directory: C:\Windows
13:36:55.0176 6852  System windows directory: C:\Windows
13:36:55.0176 6852  Running under WOW64
13:36:55.0176 6852  Processor architecture: Intel x64
13:36:55.0176 6852  Number of processors: 2
13:36:55.0176 6852  Page size: 0x1000
13:36:55.0176 6852  Boot type: Normal boot
13:36:55.0176 6852  ============================================================
13:36:57.0390 6852  Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:36:57.0435 6852  ============================================================
13:36:57.0435 6852  \Device\Harddisk0\DR0:
13:36:57.0452 6852  MBR partitions:
13:36:57.0453 6852  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1D4C000
13:36:57.0453 6852  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D60000, BlocksNum 0x557E5EF0
13:36:57.0453 6852  ============================================================
13:36:57.0531 6852  C: <-> \Device\Harddisk0\DR0\Partition2
13:36:57.0693 6852  D: <-> \Device\Harddisk0\DR0\Partition1
13:36:57.0693 6852  ============================================================
13:36:57.0693 6852  Initialize success
13:36:57.0693 6852  ============================================================
13:37:18.0189 4388  ============================================================
13:37:18.0190 4388  Scan started
13:37:18.0190 4388  Mode: Manual; TDLFS;
13:37:18.0190 4388  ============================================================
13:37:19.0398 4388  ================ Scan system memory ========================
13:37:19.0398 4388  System memory - ok
13:37:19.0399 4388  ================ Scan services =============================
13:37:20.0154 4388  [ 1965AAFFAB07E3FB03C77F81BEBA3547 ] ACPI            C:\Windows\system32\drivers\acpi.sys
13:37:20.0158 4388  ACPI - ok
13:37:20.0294 4388  [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
13:37:20.0295 4388  AdobeARMservice - ok
13:37:20.0595 4388  [ F040037B149FD0F5A5044AE563390FA7 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
13:37:20.0597 4388  AdobeFlashPlayerUpdateSvc - ok
13:37:20.0674 4388  [ F14215E37CF124104575073F782111D2 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
13:37:20.0682 4388  adp94xx - ok
13:37:20.0726 4388  [ 7D05A75E3066861A6610F7EE04FF085C ] adpahci         C:\Windows\system32\drivers\adpahci.sys
13:37:20.0732 4388  adpahci - ok
13:37:20.0762 4388  [ 820A201FE08A0C345B3BEDBC30E1A77C ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
13:37:20.0766 4388  adpu160m - ok
13:37:20.0789 4388  [ 9B4AB6854559DC168FBB4C24FC52E794 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
13:37:20.0793 4388  adpu320 - ok
13:37:20.0841 4388  [ 0F421175574BFE0BF2F4D8E910A253BB ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
13:37:20.0842 4388  AeLookupSvc - ok
13:37:20.0919 4388  [ 0D7A11395C0A33D9E7587CDB9866EFAD ] AERTFilters     C:\Windows\system32\AERTSr64.exe
13:37:20.0920 4388  AERTFilters - ok
13:37:21.0038 4388  [ C4F6CE6087760AD70960C9EB130E7943 ] AFD             C:\Windows\system32\drivers\afd.sys
13:37:21.0056 4388  AFD - ok
13:37:21.0102 4388  [ F6F6793B7F17B550ECFDBD3B229173F7 ] agp440          C:\Windows\system32\drivers\agp440.sys
13:37:21.0103 4388  agp440 - ok
13:37:21.0116 4388  [ 222CB641B4B8A1D1126F8033F9FD6A00 ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
13:37:21.0120 4388  aic78xx - ok
13:37:21.0710 4388  [ C7074BD8D4B8F564859ED373433030AE ] Akamai          c:\program files (x86)\common files\akamai/netsession_win_ca0e279.dll
13:37:21.0711 4388  Suspicious file (Hidden): c:\program files (x86)\common files\akamai/netsession_win_ca0e279.dll. md5: C7074BD8D4B8F564859ED373433030AE
13:37:21.0720 4388  Akamai ( HiddenFile.Multi.Generic ) - warning
13:37:21.0721 4388  Akamai - detected HiddenFile.Multi.Generic (1)
13:37:21.0769 4388  [ 5922F4F59B7868F3D74BBBBEB7B825A3 ] ALG             C:\Windows\System32\alg.exe
13:37:21.0770 4388  ALG - ok
13:37:21.0866 4388  [ 9544C2C55541C0C6BFD7B489D0E7D430 ] aliide          C:\Windows\system32\drivers\aliide.sys
13:37:21.0869 4388  aliide - ok
13:37:22.0012 4388  [ 4EAAAAB8759644D572522FBCDD196A13 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
13:37:22.0114 4388  AMD External Events Utility - ok
13:37:22.0149 4388  [ 970FA5059E61E30D25307B99903E991E ] amdide          C:\Windows\system32\drivers\amdide.sys
13:37:22.0151 4388  amdide - ok
13:37:22.0199 4388  [ CDC3632A3A5EA4DBB83E46076A3165A1 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
13:37:22.0201 4388  AmdK8 - ok
13:37:23.0086 4388  [ 22A14DF59FB8D0BE918C597988AF4296 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
13:37:23.0292 4388  amdkmdag - ok
13:37:23.0345 4388  [ EE22D3ED6D55A855E709F811CCCA97ED ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
13:37:23.0348 4388  amdkmdap - ok
13:37:23.0385 4388  [ 4CCF421E6C4B2A4CBCE000715911F7CC ] anodlwf         C:\Windows\system32\DRIVERS\anodlwfx.sys
13:37:23.0385 4388  anodlwf - ok
13:37:23.0473 4388  [ 3271D18CAADC0C78C7D195225C8083F2 ] AntiLog32       C:\Windows\system32\drivers\AntiLog64.sys
13:37:23.0473 4388  AntiLog32 - ok
13:37:23.0585 4388  [ 9C37B3FD5615477CB9A0CD116CF43F5C ] Appinfo         C:\Windows\System32\appinfo.dll
13:37:23.0585 4388  Appinfo - ok
13:37:23.0700 4388  [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
13:37:23.0725 4388  Apple Mobile Device - ok
13:37:23.0800 4388  [ BA8417D4765F3988FF921F30F630E303 ] arc             C:\Windows\system32\drivers\arc.sys
13:37:23.0827 4388  arc - ok
13:37:23.0875 4388  [ 9D41C435619733B34CC16A511E644B11 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
13:37:23.0878 4388  arcsas - ok
13:37:24.0041 4388  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
13:37:24.0098 4388  aspnet_state - ok
13:37:24.0123 4388  [ 22D13FF3DAFEC2A80634752B1EAA2DE6 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
13:37:24.0124 4388  AsyncMac - ok
13:37:24.0163 4388  [ E68D9B3A3905619732F7FE039466A623 ] atapi           C:\Windows\system32\drivers\atapi.sys
13:37:24.0164 4388  atapi - ok
13:37:24.0275 4388  [ E77CCB62D96A218D62DD4B3B8A385395 ] atashost        C:\Windows\SysWOW64\atashost.exe
13:37:24.0276 4388  atashost - ok
13:37:24.0388 4388  [ 917692CDF8E1CE00D9752FA40615338B ] AtiHDAudioService C:\Windows\system32\drivers\AtihdLH6.sys
13:37:24.0389 4388  AtiHDAudioService - ok
13:37:24.0465 4388  [ 79318C744693EC983D20E9337A2F8196 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
13:37:24.0474 4388  AudioEndpointBuilder - ok
13:37:24.0484 4388  [ 79318C744693EC983D20E9337A2F8196 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
13:37:24.0487 4388  AudioSrv - ok
13:37:24.0830 4388  [ 4AA81E69A0A99035392880DBC953B1A1 ] BBSvc           C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\BBSvc.exe
13:37:24.0832 4388  BBSvc - ok
13:37:24.0897 4388  [ 49CBA45AB82D25A6FFC4ECB3307BC9E7 ] BBUpdate        C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\SeaPort.exe
13:37:24.0899 4388  BBUpdate - ok
13:37:24.0946 4388  Beep - ok
13:37:25.0073 4388  [ FFB96C2589FFA60473EAD78B39FBDE29 ] BFE             C:\Windows\System32\bfe.dll
13:37:25.0080 4388  BFE - ok
13:37:25.0762 4388  [ 7B56A40EAAACF1867FF178501D3EA185 ] BHDrvx64        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130412.001\BHDrvx64.sys
13:37:25.0772 4388  BHDrvx64 - ok
13:37:25.0977 4388  [ 6D316F4859634071CC25C4FD4589AD2C ] BITS            C:\Windows\system32\qmgr.dll
13:37:25.0999 4388  BITS - ok
13:37:26.0031 4388  [ 79FEEB40056683F8F61398D81DDA65D2 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
13:37:26.0033 4388  blbdrive - ok
13:37:26.0187 4388  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
13:37:26.0199 4388  Bonjour Service - ok
13:37:26.0256 4388  [ 2348447A80920B2493A9B582A23E81E1 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
13:37:26.0257 4388  bowser - ok
13:37:26.0355 4388  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
13:37:26.0356 4388  BrFiltLo - ok
13:37:26.0377 4388  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
13:37:26.0378 4388  BrFiltUp - ok
13:37:26.0501 4388  [ A1B39DE453433B115B4EA69EE0343816 ] Browser         C:\Windows\System32\browser.dll
13:37:26.0502 4388  Browser - ok
13:37:26.0581 4388  [ F0F0BA4D815BE446AA6A4583CA3BCA9B ] Brserid         C:\Windows\system32\drivers\brserid.sys
13:37:26.0585 4388  Brserid - ok
13:37:26.0603 4388  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
13:37:26.0608 4388  BrSerWdm - ok
13:37:26.0626 4388  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
13:37:26.0628 4388  BrUsbMdm - ok
13:37:45.0522 4388  sbp2port - ok
13:37:45.0564 4388  [ FD1CDCF108D5EF3366F00D18B70FB89B ] SCardSvr        C:\Windows\System32\SCardSvr.dll
13:37:45.0567 4388  SCardSvr - ok
13:37:45.0812 4388  [ 0F838C811AD295D2A4489B9993096C63 ] Schedule        C:\Windows\system32\schedsvc.dll
13:37:45.0841 4388  Schedule - ok
13:37:45.0883 4388  [ 5A268127633C7EE2A7FB87F39D748D56 ] SCPolicySvc     C:\Windows\System32\certprop.dll
13:37:45.0884 4388  SCPolicySvc - ok
13:37:45.0956 4388  [ 4FF71B076A7760FE75EA5AE2D0EE0018 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
13:37:45.0959 4388  SDRSVC - ok
13:37:45.0983 4388  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
13:37:45.0984 4388  secdrv - ok
13:37:46.0041 4388  [ 5ACDCBC67FCF894A1815B9F96D704490 ] seclogon        C:\Windows\system32\seclogon.dll
13:37:46.0043 4388  seclogon - ok
13:37:46.0427 4388  [ 5B66DB4877BBAC9F7493AA8D84421E49 ] Secunia PSI Agent C:\Program Files (x86)\Secunia\PSI\PSIA.exe
13:37:46.0472 4388  Secunia PSI Agent - ok
13:37:46.0522 4388  [ 0E88FDF474F2CDD370A4A6CE77D018F0 ] Secunia Update Agent C:\Program Files (x86)\Secunia\PSI\sua.exe
13:37:46.0526 4388  Secunia Update Agent - ok
13:37:46.0564 4388  [ 90973A64B96CD647FF81C79443618EED ] SENS            C:\Windows\system32\sens.dll
13:37:46.0567 4388  SENS - ok
13:37:46.0578 4388  [ F71BFE7AC6C52273B7C82CBF1BB2A222 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
13:37:46.0578 4388  Serenum - ok
13:37:46.0617 4388  [ E62FAC91EE288DB29A9696A9D279929C ] Serial          C:\Windows\system32\drivers\serial.sys
13:37:46.0618 4388  Serial - ok
13:37:46.0642 4388  [ A842F04833684BCEEA7336211BE478DF ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
13:37:46.0644 4388  sermouse - ok
13:37:46.0672 4388  [ A8E4A4407A09F35DCCC3771AF590B0C4 ] SessionEnv      C:\Windows\system32\sessenv.dll
13:37:46.0675 4388  SessionEnv - ok
13:37:46.0688 4388  [ 14D4B4465193A87C127933978E8C4106 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
13:37:46.0691 4388  sffdisk - ok
13:37:46.0704 4388  [ 7073AEE3F82F3D598E3825962AA98AB2 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
13:37:46.0705 4388  sffp_mmc - ok
13:37:46.0721 4388  [ 35E59EBE4A01A0532ED67975161C7B82 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
13:37:46.0722 4388  sffp_sd - ok
13:37:46.0732 4388  [ 6B7838C94135768BD455CBDC23E39E5F ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
13:37:46.0735 4388  sfloppy - ok
13:37:46.0765 4388  [ 4C5AEE179DA7E1EE9A9CCB9DA289AF34 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
13:37:46.0769 4388  SharedAccess - ok
13:37:46.0826 4388  [ 56793271ECDEDD350C5ADD305603E963 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:37:46.0830 4388  ShellHWDetection - ok
13:37:46.0849 4388  [ 7A5DE502AEB719D4594C6471060A78B3 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
13:37:46.0852 4388  SiSRaid2 - ok
13:37:46.0869 4388  [ 3A2F769FAB9582BC720E11EA1DFB184D ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
13:37:46.0873 4388  SiSRaid4 - ok
13:37:46.0941 4388  [ A9A27A8E257B45A604FDAD4F26FE7241 ] slsvc           C:\Windows\system32\SLsvc.exe
13:37:46.0990 4388  slsvc - ok
13:37:47.0026 4388  [ FD74B4B7C2088E390A30C85A896FC3AF ] SLUINotify      C:\Windows\system32\SLUINotify.dll
13:37:47.0029 4388  SLUINotify - ok
13:37:47.0060 4388  [ 290B6F6A0EC4FCDFC90F5CB6D7020473 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
13:37:47.0061 4388  Smb - ok
13:37:47.0094 4388  [ F8F47F38909823B1AF28D60B96340CFF ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
13:37:47.0096 4388  SNMPTRAP - ok
13:37:47.0159 4388  [ 386C3C63F00A7040C7EC5E384217E89D ] spldr           C:\Windows\system32\drivers\spldr.sys
13:37:47.0160 4388  spldr - ok
13:37:47.0207 4388  [ F66FF751E7EFC816D266977939EF5DC3 ] Spooler         C:\Windows\System32\spoolsv.exe
13:37:47.0211 4388  Spooler - ok
13:37:47.0321 4388  [ 378A0748DE5ADF90BF9DB897DA8564E6 ] SRTSP           C:\Windows\System32\Drivers\N360x64\1403010.016\SRTSP64.SYS
13:37:47.0327 4388  SRTSP - ok
13:37:47.0349 4388  [ 0E76CEF892C45734F7AED09FDDF35D4D ] SRTSPX          C:\Windows\system32\drivers\N360x64\1403010.016\SRTSPX64.SYS
13:37:47.0351 4388  SRTSPX - ok
13:37:47.0421 4388  [ 880A57FCCB571EBD063D4DD50E93E46D ] srv             C:\Windows\system32\DRIVERS\srv.sys
13:37:47.0446 4388  srv - ok
13:37:47.0487 4388  [ A1AD14A6D7A37891FFFECA35EBBB0730 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
13:37:47.0489 4388  srv2 - ok
13:37:47.0527 4388  [ 4BED62F4FA4D8300973F1151F4C4D8A7 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
13:37:47.0528 4388  srvnet - ok
13:37:47.0550 4388  [ 192C74646EC5725AEF3F80D19FF75F6A ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
13:37:47.0554 4388  SSDPSRV - ok
13:37:47.0581 4388  [ 2EE3FA0308E6185BA64A9A7F2E74332B ] SstpSvc         C:\Windows\system32\sstpsvc.dll
13:37:47.0584 4388  SstpSvc - ok
13:37:47.0629 4388  [ 15825C1FBFB8779992CB65087F316AF5 ] stisvc          C:\Windows\System32\wiaservc.dll
13:37:47.0635 4388  stisvc - ok
13:37:47.0696 4388  [ 1D0063597C3666404FCF97698ABEB019 ] stllssvr        C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
13:37:47.0697 4388  stllssvr - ok
13:37:47.0753 4388  [ 8A851CA908B8B974F89C50D2E18D4F0C ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
13:37:47.0753 4388  swenum - ok
13:37:47.0809 4388  [ 6DE37F4DE19D4EFD9C48C43ADDBC949A ] swprv           C:\Windows\System32\swprv.dll
13:37:47.0815 4388  swprv - ok
13:37:47.0837 4388  [ 2F26A2C6FC96B29BEFF5D8ED74E6625B ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
13:37:47.0839 4388  Symc8xx - ok
13:37:47.0864 4388  [ E174C8BC572E93AEEE1036DEDAC5F225 ] SymDS           C:\Windows\system32\drivers\N360x64\1403010.016\SYMDS64.SYS
13:37:47.0871 4388  SymDS - ok
13:37:48.0174 4388  [ 599872BAD7CFB45C7CE47CDED4B726D8 ] SymEFA          C:\Windows\system32\drivers\N360x64\1403010.016\SYMEFA64.SYS
13:37:48.0297 4388  SymEFA - ok
13:37:48.0342 4388  [ F5D6D3B7468C46EA2DDC1D19D2A6DA0F ] SymEvent        C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
13:37:48.0344 4388  SymEvent - ok
13:37:48.0392 4388  [ ADF37F1A715D6C56C8E065FD8569A9A4 ] SymIRON         C:\Windows\system32\drivers\N360x64\1403010.016\Ironx64.SYS
13:37:48.0393 4388  SymIRON - ok
13:37:48.0422 4388  [ F3FD539BA3D1C12BFB7C8EC03C634471 ] SYMTDIv         C:\Windows\System32\Drivers\N360x64\1403010.016\SYMTDIV.SYS
13:37:48.0426 4388  SYMTDIv - ok
13:37:48.0443 4388  [ A909667976D3BCCD1DF813FED517D837 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
13:37:48.0446 4388  Sym_hi - ok
13:37:48.0463 4388  [ 36887B56EC2D98B9C362F6AE4DE5B7B0 ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
13:37:48.0466 4388  Sym_u3 - ok
13:37:48.0527 4388  [ 92D7A8B0F87B036F17D25885937897A6 ] SysMain         C:\Windows\system32\sysmain.dll
13:37:48.0540 4388  SysMain - ok
13:37:48.0562 4388  [ 005CE42567F9113A3BCCB3B20073B029 ] TabletInputService C:\Windows\System32\TabSvc.dll
13:37:48.0565 4388  TabletInputService - ok
13:37:48.0611 4388  [ CC2562B4D55E0B6A4758C65407F63B79 ] TapiSrv         C:\Windows\System32\tapisrv.dll
13:37:48.0617 4388  TapiSrv - ok
13:37:48.0635 4388  [ CDBE8D7C1E201B911CDC346D06617FB5 ] TBS             C:\Windows\System32\tbssvc.dll
13:37:48.0637 4388  TBS - ok
13:37:48.0691 4388  [ 0E970F59D7FBB838316176B19A2ADB82 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
13:37:48.0702 4388  Tcpip - ok
13:37:48.0733 4388  [ 0E970F59D7FBB838316176B19A2ADB82 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
13:37:48.0744 4388  Tcpip6 - ok
13:37:48.0790 4388  [ C7E72A4071EE0200E3C075DACFB2B334 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
13:37:48.0791 4388  tcpipreg - ok
13:37:48.0841 4388  [ 1D8BF4AAA5FB7A2761475781DC1195BC ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
13:37:48.0842 4388  TDPIPE - ok
13:37:48.0865 4388  [ 7F7E00CDF609DF657F4CDA02DD1C9BB1 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
13:37:48.0866 4388  TDTCP - ok
13:37:48.0900 4388  [ 458919C8C42E398DC4802178D5FFEE27 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
13:37:48.0901 4388  tdx - ok
13:37:48.0917 4388  [ 8C19678D22649EC002EF2282EAE92F98 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
13:37:48.0919 4388  TermDD - ok
13:37:48.0979 4388  [ 5CDD30BC217082DAC71A9878D9BFD566 ] TermService     C:\Windows\System32\termsrv.dll
13:37:48.0987 4388  TermService - ok
13:37:49.0007 4388  [ 56793271ECDEDD350C5ADD305603E963 ] Themes          C:\Windows\system32\shsvcs.dll
13:37:49.0011 4388  Themes - ok
13:37:49.0039 4388  [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] THREADORDER     C:\Windows\system32\mmcss.dll
13:37:49.0041 4388  THREADORDER - ok
13:37:49.0066 4388  [ F4689F05AF472A651A7B1B7B02D200E7 ] TrkWks          C:\Windows\System32\trkwks.dll
13:37:49.0069 4388  TrkWks - ok
13:37:49.0108 4388  [ 66328B08EF5A9305D8EDE36B93930369 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:37:49.0108 4388  TrustedInstaller - ok
13:37:49.0149 4388  [ 9E5409CD17C8BEF193AAD498F3BC2CB8 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
13:37:49.0150 4388  tssecsrv - ok
13:37:49.0180 4388  [ 89EC74A9E602D16A75A4170511029B3C ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
13:37:49.0181 4388  tunmp - ok
13:37:49.0204 4388  [ 30A9B3F45AD081BFFC3BCAA9C812B609 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
13:37:49.0205 4388  tunnel - ok
13:37:49.0240 4388  [ FEC266EF401966311744BD0F359F7F56 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
13:37:49.0241 4388  uagp35 - ok
13:37:49.0293 4388  [ FAF2640A2A76ED03D449E443194C4C34 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
13:37:49.0299 4388  udfs - ok
13:37:49.0311 4388  [ 060507C4113391394478F6953A79EEDC ] UI0Detect       C:\Windows\system32\UI0Detect.exe
13:37:49.0315 4388  UI0Detect - ok
13:37:49.0357 4388  [ 4EC9447AC3AB462647F60E547208CA00 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
13:37:49.0358 4388  uliagpkx - ok
13:37:49.0377 4388  [ 697F0446134CDC8F99E69306184FBBB4 ] uliahci         C:\Windows\system32\drivers\uliahci.sys
13:37:49.0383 4388  uliahci - ok
13:37:49.0420 4388  [ 31707F09846056651EA2C37858F5DDB0 ] UlSata          C:\Windows\system32\drivers\ulsata.sys
13:37:49.0423 4388  UlSata - ok
13:37:49.0445 4388  [ 85E5E43ED5B48C8376281BAB519271B7 ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
13:37:49.0448 4388  ulsata2 - ok
13:37:49.0466 4388  [ 46E9A994C4FED537DD951F60B86AD3F4 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
13:37:49.0467 4388  umbus - ok
13:37:49.0491 4388  [ 7093799FF80E9DECA0680D2E3535BE60 ] upnphost        C:\Windows\System32\upnphost.dll
13:37:49.0498 4388  upnphost - ok
13:37:49.0556 4388  [ C9E9D59C0099A9FF51697E9306A44240 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
13:37:49.0557 4388  USBAAPL64 - ok
13:37:49.0623 4388  [ 5FCC71487888589A9244AF54CFEFAB29 ] usbbus          C:\Windows\system32\DRIVERS\lgx64bus.sys
13:37:49.0624 4388  usbbus - ok
13:37:49.0671 4388  [ 07E3498FC60834219D2356293DA0FECC ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
13:37:49.0673 4388  usbccgp - ok
13:37:49.0705 4388  [ 9247F7E0B65852C1F6631480984D6ED2 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
13:37:49.0713 4388  usbcir - ok
13:37:49.0784 4388  [ 3FB6E423F7567C92C32EA786F5FD0C69 ] UsbDiag         C:\Windows\system32\DRIVERS\lgx64diag.sys
13:37:49.0784 4388  UsbDiag - ok
13:37:49.0806 4388  [ 827E44DE934A736EA31E91D353EB126F ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
13:37:49.0807 4388  usbehci - ok
13:37:49.0851 4388  [ BB35CD80A2ECECFADC73569B3D70C7D1 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
13:37:49.0854 4388  usbhub - ok
13:37:49.0884 4388  [ 78D551F5B93488B4666F5FC8DD4815F3 ] USBModem        C:\Windows\system32\DRIVERS\lgx64modem.sys
13:37:49.0885 4388  USBModem - ok
13:37:49.0901 4388  [ EBA14EF0C07CEC233F1529C698D0D154 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
13:37:49.0903 4388  usbohci - ok
13:37:49.0930 4388  [ 28B693B6D31E7B9332C1BDCEFEF228C1 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
13:37:49.0931 4388  usbprint - ok
13:37:49.0953 4388  [ EA0BF666868964FBE8CB10E50C97B9F1 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
13:37:49.0955 4388  usbscan - ok
13:37:49.0988 4388  [ B854C1558FCA0C269A38663E8B59B581 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:37:49.0989 4388  USBSTOR - ok
13:37:50.0049 4388  [ B2872CBF9F47316ABD0E0C74A1ABA507 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
13:37:50.0050 4388  usbuhci - ok
13:37:50.0090 4388  [ D76E231E4850BB3F88A3D9A78DF191E3 ] UxSms           C:\Windows\System32\uxsms.dll
13:37:50.0093 4388  UxSms - ok
13:37:50.0138 4388  [ 294945381DFA7CE58CECF0A9896AF327 ] vds             C:\Windows\System32\vds.exe
13:37:50.0146 4388  vds - ok
13:37:50.0164 4388  [ 916B94BCF1E09873FFF2D5FB11767BBC ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
13:37:50.0165 4388  vga - ok
13:37:50.0189 4388  [ B83AB16B51FEDA65DD81B8C59D114D63 ] VgaSave         C:\Windows\System32\drivers\vga.sys
13:37:50.0190 4388  VgaSave - ok
13:37:50.0211 4388  [ 8294B6C3FDB6C33F24E150DE647ECDAA ] viaide          C:\Windows\system32\drivers\viaide.sys
13:37:50.0213 4388  viaide - ok
13:37:50.0241 4388  [ 2B7E885ED951519A12C450D24535DFCA ] volmgr          C:\Windows\system32\drivers\volmgr.sys
13:37:50.0242 4388  volmgr - ok
13:37:50.0272 4388  [ CEC5AC15277D75D9E5DEC2E1C6EAF877 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
13:37:50.0276 4388  volmgrx - ok
13:37:50.0338 4388  [ 582F710097B46140F5A89A19A6573D4B ] volsnap         C:\Windows\system32\drivers\volsnap.sys
13:37:50.0341 4388  volsnap - ok
13:37:50.0360 4388  [ A68F455ED2673835209318DD61BFBB0E ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
13:37:50.0363 4388  vsmraid - ok
13:37:50.0415 4388  [ B75232DAD33BFD95BF6F0A3E6BFF51E1 ] VSS             C:\Windows\system32\vssvc.exe
13:37:50.0441 4388  VSS - ok
13:37:50.0486 4388  [ F14A7DE2EA41883E250892E1E5230A9A ] W32Time         C:\Windows\system32\w32time.dll
13:37:50.0492 4388  W32Time - ok
13:37:50.0513 4388  [ FEF8FE5923FEAD2CEE4DFABFCE3393A7 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
13:37:50.0515 4388  WacomPen - ok
13:37:50.0563 4388  [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
13:37:50.0564 4388  Wanarp - ok
13:37:50.0571 4388  [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
13:37:50.0572 4388  Wanarpv6 - ok
13:37:50.0683 4388  [ B4E4C37D0AA6100090A53213EE2BF1C1 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
13:37:50.0698 4388  wcncsvc - ok
13:37:50.0709 4388  [ EA4B369560E986F19D93F45A881484AC ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:37:50.0713 4388  WcsPlugInService - ok
13:37:50.0737 4388  [ 0C17A0816F65B89E362E682AD5E7266E ] Wd              C:\Windows\system32\drivers\wd.sys
13:37:50.0739 4388  Wd - ok
13:37:50.0801 4388  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
13:37:50.0811 4388  Wdf01000 - ok
13:37:50.0826 4388  [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiServiceHost  C:\Windows\system32\wdi.dll
13:37:50.0829 4388  WdiServiceHost - ok
13:37:50.0835 4388  [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiSystemHost   C:\Windows\system32\wdi.dll
13:37:50.0839 4388  WdiSystemHost - ok
13:37:50.0855 4388  [ 3E6D05381CF35F75EBB055544A8ED9AC ] WebClient       C:\Windows\System32\webclnt.dll
13:37:50.0859 4388  WebClient - ok
13:37:50.0916 4388  [ 8D40BC587993F876658BF9FB0F7D3462 ] Wecsvc          C:\Windows\system32\wecsvc.dll
13:37:50.0920 4388  Wecsvc - ok
13:37:50.0943 4388  [ 9C980351D7E96288EA0C23AE232BD065 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
13:37:50.0946 4388  wercplsupport - ok
13:37:50.0960 4388  [ 66B9ECEBC46683F47EDC06333C075FEF ] WerSvc          C:\Windows\System32\WerSvc.dll
13:37:50.0964 4388  WerSvc - ok
13:37:51.0003 4388  [ A53CDE6BEEA165FE9B430476EEDE3C54 ] winachsf        C:\Windows\system32\DRIVERS\CAX_CNXT.sys
13:37:51.0011 4388  winachsf - ok
13:37:51.0022 4388  WinDefend - ok
13:37:51.0033 4388  WinHttpAutoProxySvc - ok
13:37:51.0098 4388  [ D2E7296ED1BD26D8DB2799770C077A02 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
13:37:51.0101 4388  Winmgmt - ok
13:37:51.0304 4388  [ 6CBB0C68F13B9C2EC1B16F5FA5E7C869 ] WinRM           C:\Windows\system32\WsmSvc.dll
13:37:51.0344 4388  WinRM - ok
13:37:51.0396 4388  [ EC339C8115E91BAED835957E9A677F16 ] Wlansvc         C:\Windows\System32\wlansvc.dll
13:37:51.0405 4388  Wlansvc - ok
13:37:51.0564 4388  [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
13:37:51.0603 4388  wlidsvc - ok
13:37:51.0627 4388  [ E18AEBAAA5A773FE11AA2C70F65320F5 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
13:37:51.0630 4388  WmiAcpi - ok
13:37:51.0674 4388  [ 21FA389E65A852698B6A1341F36EE02D ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
13:37:51.0676 4388  wmiApSrv - ok
13:37:51.0688 4388  WMPNetworkSvc - ok
13:37:51.0724 4388  [ CBC156C913F099E6680D1DF9307DB7A8 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
13:37:51.0728 4388  WPCSvc - ok
13:37:51.0764 4388  [ 490A18B4E4D53DC10879DEAA8E8B70D9 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
13:37:51.0768 4388  WPDBusEnum - ok
13:37:51.0801 4388  [ 5E2401B3FC1089C90E081291357371A9 ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
13:37:51.0802 4388  WpdUsb - ok
13:37:51.0968 4388  [ 991E2C2CF3BC204C2BB2EE1476149E4E ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
13:37:51.0980 4388  WPFFontCache_v0400 - ok
13:37:52.0004 4388  [ 8A900348370E359B6BFF6A550E4649E1 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
13:37:52.0005 4388  ws2ifsl - ok
13:37:52.0054 4388  [ 9EA3E6D0EF7A5C2B9181961052A4B01A ] wscsvc          C:\Windows\system32\wscsvc.dll
13:37:52.0057 4388  wscsvc - ok
13:37:52.0064 4388  WSearch - ok
13:37:52.0163 4388  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
13:37:52.0227 4388  wuauserv - ok
13:37:52.0348 4388  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
13:37:52.0349 4388  WudfPf - ok
13:37:52.0399 4388  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
13:37:52.0402 4388  wudfsvc - ok
13:37:52.0456 4388  [ F22E443518BC599D12888DAF292A56D8 ] XAudio          C:\Windows\system32\DRIVERS\xaudio64.sys
13:37:52.0457 4388  XAudio - ok
13:37:52.0482 4388  [ 963C27034BBA4AC52A13F7A3C657C708 ] XAudioService   C:\Windows\system32\DRIVERS\xaudio64.exe
13:37:52.0487 4388  XAudioService - ok
13:37:52.0714 4388  [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService  C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
13:37:52.0719 4388  YahooAUService - ok
13:37:52.0723 4388  ================ Scan global ===============================
13:37:52.0751 4388  [ 060DC3A7A9A2626031EB23D90151428D ] C:\Windows\system32\basesrv.dll
13:37:52.0797 4388  [ D665D594B7E11133D29D726BDDC7A5B0 ] C:\Windows\system32\winsrv.dll
13:37:52.0813 4388  [ D665D594B7E11133D29D726BDDC7A5B0 ] C:\Windows\system32\winsrv.dll
13:37:52.0862 4388  [ 934E0B7D77FF78C18D9F8891221B6DE3 ] C:\Windows\system32\services.exe
13:37:52.0867 4388  [Global] - ok
13:37:52.0868 4388  ================ Scan MBR ==================================
13:37:52.0885 4388  [ CDB4DE4BBD714F152979DA2DCBEF57EB ] \Device\Harddisk0\DR0
13:37:53.0439 4388  \Device\Harddisk0\DR0 - ok
13:37:53.0440 4388  ================ Scan VBR ==================================
13:37:53.0473 4388  [ 3DFBA14AF92E5FFB4121740B84C67E09 ] \Device\Harddisk0\DR0\Partition1
13:37:53.0477 4388  \Device\Harddisk0\DR0\Partition1 - ok
13:37:53.0480 4388  [ 0813123CE799269254B6EE61A39A69AF ] \Device\Harddisk0\DR0\Partition2
13:37:53.0481 4388  \Device\Harddisk0\DR0\Partition2 - ok
13:37:53.0482 4388  ============================================================
13:37:53.0482 4388  Scan finished
13:37:53.0482 4388  ============================================================
13:37:53.0492 1092  Detected object count: 1
13:37:53.0493 1092  Actual detected object count: 1
13:38:22.0508 1092  Akamai ( HiddenFile.Multi.Generic ) - skipped by user
13:38:22.0508 1092  Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip
 



#12 TomV22


Posted 23 May 2013 - 06:38 PM

Still waiting on ESET Online to finish.  Definitely has found some threats.   Only about 50% done after 4+ hours.  



#13 boopme


Posted 23 May 2013 - 08:11 PM

OK, thanks, will look back.

Also, I did not see an antivirus installed, is that correct?



#14 TomV22


Posted 23 May 2013 - 10:36 PM

Not correct... have Norton as my antivirus.



#15 TomV22


Posted 23 May 2013 - 11:46 PM

ESET log file (finally... ugh!):

 

C:\Qoobox\Quarantine\C\Program Files (x86)\StartNow Toolbar\StartNowToolbarUninstall.exe.vir    Win32/Toolbar.Zugo application    cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Program Files (x86)\StartNow Toolbar\ToOLbar32.dll.vir    a variant of Win32/Toolbar.Zugo application    cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe.vir    a variant of Win32/Toolbar.Zugo application    cleaned by deleting - quarantined
C:\Users\Tom\AppData\Local\Updater26766\Updater26766.exe    a variant of Win32/Toolbar.CrossRider.C application    cleaned by deleting - quarantined
C:\Users\Tom\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.40\agent\stub_data\stubinst_pkg_en-us.cab    Win32/OpenCandy application    deleted - quarantined
C:\Users\Tom\Desktop\Downloads\ARO2012_tbt.exe    a variant of Win32/Bundled.Toolbar.Ask application    cleaned by deleting - quarantined
C:\Users\Tom\Desktop\Downloads\cnet_pdfmergeeval_exe.exe    a variant of Win32/InstallCore.D application    cleaned by deleting - quarantined
C:\Users\Tom\Desktop\Downloads\converterlite_d793252.exe    probably a variant of Win32/InstallIQ application    cleaned by deleting - quarantined
C:\Users\Tom\Desktop\Downloads\CuteWriter.exe    a variant of Win32/Bundled.Toolbar.Ask application    cleaned by deleting - quarantined
C:\Users\Tom\Desktop\Downloads\produkey.zip    Win32/PSWTool.ProductKey application    deleted - quarantined
C:\Users\Tom\Desktop\Downloads\vlcmediaplayer-setup.exe    multiple threats    cleaned by deleting - quarantined
 





